package com.oig.sys.oauth.handler;

import com.oig.auth.api.UserService;
import com.oig.sys.auth.dto.UserDto;
import com.oig.sys.security.support.SecurityUser;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;

@Component
@Slf4j
@RequiredArgsConstructor
public class AuthenticationFailureEventHandler extends AbstractAuthenticationFailureEventHandler {

    private final UserService userService;

    @Override
    public void handle(AuthenticationException authenticationException, Authentication authentication) {
        Object object = authentication.getPrincipal();
        if (object instanceof SecurityUser){
            log.info("user:{} update login fail.", object);
            UserDto userDto = new UserDto();
            userDto.setUsername((String)authentication.getPrincipal());
            userService.updateLoginFail(userDto);   //岂不是权限没有控制？
        } else {
            log.info("client：{} 认证失败，异常：{}", authentication.getPrincipal(), authenticationException.getLocalizedMessage());
        }
    }


}
